kubernetes配置管理中的ConfigMap

ConfigMap 是一种 API 对象,用来将非机密性的数据保存到健值对中。使用时可以用作环境变量、命令行参数或者存储卷中的配置文件。

ConfigMap 将您的环境配置信息和 容器镜像 解耦,便于应用配置的修改。| ] : 0 T当您需要储存机密信息时可以使用 Secret 对象。

ConfigMap 和 Secret 同为配置管理中的传参内容,但是 ConfigMap 的数据为明文传输,而 Secret 的数据是 base6R * ~ 0 , ] k4 加密以后的传参过程;

使用 ConfigMap 将配2 J u 8 ( K置数据和应用程序代码分开。

首先定义一个 configmap 类型配置信息,q 2 4 o 7 h 6 O s采用键值对,然后我们用 pod 根据 valueFrom.configMapKeyRef 字段引用 configa 2 ,map 中定义的键值对。

k8s官方文档地址:https://kubernetep { j 1 V O 4 w as.io/zh/docs/concepts/configuration/configmap/

[root@master1 secret{ 1 ]# vim configmap1.yI R 7aml
[root@master1 secret]# cat configmap1.yaml
apiVersion: v1
kind: ConfigMapV - 2 K S
metadata:
name: myconfig
namespace: default
data:
special.leve? X 3 N ?l: info
special.typeu T Z H , v: hello
---
apiVersion: v1
kind:F % B t . q t L & Pod
metadata:
name: mypod
spec:
containers:
- name: busybox
image: busybox
command: [ "/bin/sh", "-c", "echos g - i $(LEVEL) $(TYPE)" ]
env:
- name: LEVEL
valueFrom:
configMapKeyRef:
name: myconfig
key: special.level
- name: TYPE
valueFrom:
con # o k ^ x QfigMapKeyRefi / 8 d } @ + ) I:
name: myconfig
key: special.type
restartPolicy: Never
[root@= 0 P 1 r 4master1 secret]# kubectl apply -f configmap1.yaml
configmap/myconfig created
pod/mypod created
[roJ q x `ot@master1 secret]# kubectl get pods 0 {
NAME                               READY   STATUS      RESTARTS   AGE
m! l I : Rypod                              0/1     Completed   0          20s
nginx-deployment-9cdc9 . #9bd5c-pzzst   1/1     Running     1          3d14h
secret-enl l y F W _ [v-pod                     1/1     Running     0          37mi p Z w ] c
web-nginx-dep^ n S2N x Y Y q v G d %-66ccfd7fb7-z2x84    1/1     Runni{ ( @ } z p R _ ang     1          8d
[root@master1 secret]# kuba + x v _ectl get cm
NAME       DATA   AGE
myconfig   2      7m30s
[root@master1 secret]# kubectl d Q % W 7 = ^ /escribe cm myconfig
Name:         myconfig
Namespace:    default
Labels:       <none>
AnnotatY ! Q n 5 } !ions:  ku[ T ! a =bectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1",L ; s c B F"data":{"special.levelC ] | y x 4 a d":"info","special.type":"hello"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"myco% ( J Vnfig...
Data
====
special.level:
----
info
special.type:
----
hello
E, 2 i m 7 I T S Tvents:  <none>
# 通过查看日志得到我们定义的cU , 6onfigmap配置管理信息
[root@master1 secret]# kubectl lp + 6 v (ogs mypod
iu ( a @ Rnfo hello

通过 coc D j 6 6 X jnfigmap 定义一个redis的配置文件;

[root@maste7 D b f / + M 3r1 secret]# vim configmap2.yaml
[root@master1 secret]# cat configmap2.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: re; A zdis-config
data:
redis.properties: |
redis.host=127.0.Q ` = m U d0.1
redis.port=6379
redis.passwZ x U : G J }ord=123j m c456
---
apiVersion: v1
kind} b @ u } , v: Pod
metadata:
name: mypod
spec:
coC _ ] ; R _ ntainers:
- name: busybox
image: busybox
command: [ "/bin/s8 ~ L Zh","-c",8 h | v C Q o 9 G"cat /etc/config/redis.propertiep h 2 Ks" ]
volumeMounts:
- name: config-volume
mountPath: /etc/config
volumes:
- name: config-volume
configMap:
name: redis-co8 % Xnfig
restartPolicy: Never
[r= c E D aoot@master1* X !  secP . e ^ret]# kubectl app9 c a E Jly -f configmap2.yaml
configmap/redis-config created
pod/mypod created
[rooy I w p M !t@master1 secret]# kubectl get cm
NAME           DATA   AGE
redis-config   1      7s
[root@master1 secret]# kubep ~ 2 2 ] * o Cctl describe  cm redis-config
Name:         redis-config
Namespace:    default
Lu r B x K . G -abels:       <none>
AnE a K *notations:  kubectl.kubernetes.i] c T o a Q D &o/last-applieX o *d-configuration:
{"apiVersion":"v1",3 T |  { E p 4 7"data 5 R 0 | T 8 j":{= A h B )"redis.properties":"redis.host=127.0.0.1\nredis.port=6379\nredist 1 D  T # 6 k.password=123456\n"},"kind":"CoL m j W + 7 ;nfigMap","metada...
Data
====
redis.properties:
----
redis.host=127.0.0.1
redis.port=637c o ? D9
redis.password=123456
Events:  <none>
[root@master1 secret]# kubectl get pods
NAME                               READY   S2 ` = + 0 ^  8 bTATUS      RESTARTS   AGE
mypod                              0/1     Completed   0          49s
nginx-deployment-9cdc9bd5c-pzzst   1/1     Running     1          3d15h
secret-env-pod                     1/1     Running     0          48m
web-nginx-dep2-66ccfd7fb[ p # y L T + 97-z2x84    1/1     Running     1          8d
[root@master1 secret]# kubectl logs mypod
reK _ ` M ^ & +dis.host=127.0.0.1
redis.port=6379
redis.password=123456